mailman -- CSRF protection enhancements
Mark Sapiro reports:
CSRF protection has been extended to the user options page. This
was actually fixed by Tokio Kikuchi as part of the fix for LP:
#775294 and intended for Mailman 2.1.15, but that fix wasn't
completely merged at the time. The full fix also addresses the
admindb, and edithtml pages as well as the user options page and the
previously fixed admin pages. Thanks to Nishant Agarwala for reporting the issue.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright